Towards a theory of declarative knowledge
Foundations of deductive databases and logic programming
Role-Based Access Control Models
Computer
The Unified Modeling Language user guide
The Unified Modeling Language user guide
The object constraint language: precise modeling with UML
The object constraint language: precise modeling with UML
Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Making inconsistency respectable: a logical framework for inconsistency in reasoning
FAIR '91 Proceedings of the International Workshop on Fundamentals of Artificial Intelligence Research
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Making Inconsistency Respectable: Part 2 - Meta-level handling of inconsistency
ECSQARU '93 Proceedings of the European Conference on Symbolic and Quantitative Approaches to Reasoning and Uncertainty
A Typed Access Control Model for CORBA
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
SecureUML: A UML-Based Modeling Language for Model-Driven Security
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
From use cases to system operation specifications
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
MAC and UML for secure software design
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Information and Software Technology
Towards realizing a formal RBAC model in real systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Editorial: Model-Driven Development for secure information systems
Information and Software Technology
A verification framework for access control in dynamic web applications
C3S2E '09 Proceedings of the 2nd Canadian Conference on Computer Science and Software Engineering
Unified modeling of attacks, vulnerabilities and security activities
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
Constructing authorization systems using assurance management framework
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Challenges in model-based evolution and merging of access control policies
Proceedings of the 12th International Workshop on Principles of Software Evolution and the 7th annual ERCIM Workshop on Software Evolution
Tool support for UML-based specification and verification of role-based access control properties
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
Role slices: a notation for RBAC permission assignment and enforcement
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Recovering role-based access control security models from dynamic web applications
ICWE'12 Proceedings of the 12th international conference on Web Engineering
Towards Security Assurance in Round-Trip Engineering: A Type-Based Approach
Electronic Notes in Theoretical Computer Science (ENTCS)
| Hi-index | 0.00 |
Security requirements of a software product need to receive attention throughout its development life cycle. authUML is a framework based on logic programming that analyzes access control requirements in the requirements phase of the life cycle to ensure that they are consistent, complete and conflict-free. The framework is a customized version of Flexible Authorization Framework (FAF) of Jajodia et al. [9] suitable for Unified Modeling Language (UML) based requirement engineering. Our approach analyzes requirements on two levels: Use Cases and the conceptual operations [19]. authUML specifies policies to prevent inconsistent, incomplete and conflicting requirements before the developers proceed to the following phases of the development life cycle.